hi, i'm getting connection attempts on port 2770 from someone on my network, which i found out is for the Veronica service (something to do with the gopher protocol i think). anyway, has anyone seen behaviour like this? (kerio log snapshot included)
No much information on it, and I have never seen this before. You should find out what the program is on the offending machine in your network, and go from there. It appears to be advertising itself as a service, or attempting to connect to any computer it can. A trojan/virus scan might be in order. If Kerio is installed on that computer you can use it to find which program is doing it, otherwise download Active Ports if you run NT on that machine. http://www.ntutility.com/freeware.html
This ports database reports veronica is listening on that port. Why any veronica would listen on that port, beats me. You can find one contact in all lists, one guy named jonas.at.gnu.org...
Meneer, the ip address listed in the logs is for a private range normally used for local area networks, and nobody outside the network can directly access the machine by the ip address. So your contact information is completely incorrect unless your also on the same local area network.
sorry... I meant that a guy named Jonas at gnu.org is the registered contact for veronica in the IANA well known ports database, I'm definately not on your network I just replied because this veronica business is completely unknown to me. Makes me wonder if this port is even used by any veronica and if the IANA should not clean up this list.
well i haven't gotten any recent requests, everything seems squared away; i think this person was running a malware of some sort and now it's cleaned up. thx for the info though~ i appreciate it